Brute force / spam protection at login page

Volodymyr Rets asked on November 20, 2018 09:55

Hello. Interested in protection against brute force on the login page. Now after N-unsuccessful attempts, the user account is blocked. But no one bothers the evil user to constantly keep account locked. Is it possible to realize a reCAPTCHA V2 after N-incorrect input attempts and how can this be done? Thank you.

Recent Answers

Dražen Janjiček answered on November 21, 2018 15:16

Are you referring to the login page of the Kentico administration interface? From a security perspective it would make more sense to restrict access to /admin for delivery environments. Or at least, allow access to that folder for specific IP addresses only and block access for everybody else.

0 votesVote for this answer Mark as a Correct answer

Volodymyr Rets answered on November 23, 2018 11:19

Added reCaptcha to admin login page

0 votesVote for this answer Mark as a Correct answer

   Please, sign in to be able to submit a new answer.